FreshRSS

🔒
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
△ 🔃
There are new available articles, click to refresh the page.
☐ ☆ ✇ The Hacker News

QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices

By: Newsroom — November 6th 2023 at 16:55
QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution. Tracked as CVE-2023-23368 (CVSS score: 9.8), the vulnerability is described as a command injection bug affecting QTS, QuTS hero, and QuTScloud. "If exploited, the vulnerability could allow remote attackers to execute commands via a network," the
☐ ☆ ✇ The Hacker News

Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices

By: Ravie Lakshmanan — June 20th 2023 at 12:12
Zyxel has rolled out security updates to address a critical security flaw in its network-attached storage (NAS) devices that could result in the execution of arbitrary commands on affected systems. Tracked as CVE-2023-27992 (CVSS score: 9.8), the issue has been described as a pre-authentication command injection vulnerability. "The pre-authentication command injection vulnerability in some Zyxel
☐ ☆ ✇ The Hacker News

RTM Locker's First Linux Ransomware Strain Targeting NAS and ESXi Hosts

By: Ravie Lakshmanan — April 27th 2023 at 10:15
The threat actors behind RTM Locker have developed a ransomware strain that's capable of targeting Linux machines, marking the group's first foray into the open source operating system. "Its locker ransomware infects Linux, NAS, and ESXi hosts and appears to be inspired by Babuk ransomware's leaked source code," Uptycs said in a new report published Wednesday. "It uses a combination of ECDH on
☐ ☆ ✇ The Hacker News

QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates

By: Ravie Lakshmanan — January 31st 2023 at 04:06
Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage (NAS) devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects QTS 5.0.1 and QuTS hero h5.0.1. "If exploited, this vulnerability allows remote attackers to inject
☐ ☆ ✇ The Hacker News

Critical RCE Vulnerability Affects Zyxel NAS Devices — Firmware Patch Released

By: Ravie Lakshmanan — September 7th 2022 at 05:28
Networking equipment maker Zyxel has released patches for a critical security flaw impacting its network-attached storage (NAS) devices. Tracked as CVE-2022-34747 (CVSS score: 9.8), the issue relates to a "format string vulnerability" affecting NAS326, NAS540, and NAS542 models. Zyxel credited researcher Shaposhnikov Ilya for reporting the flaw. "A format string vulnerability was found in a
☐ ☆ ✇ The Hacker News

QNAP Warns of New DeadBolt Ransomware Attacks Exploiting Photo Station Flaw

By: Ravie Lakshmanan — September 6th 2022 at 03:11
QNAP has issued a new advisory urging users of its network-attached storage (NAS) devices to upgrade to the latest version of Photo Station following yet another wave of DeadBolt ransomware attacks in the wild by exploiting a zero-day flaw in the software. The Taiwanese company said it detected the attacks on September 3 and that "the campaign appears to target QNAP NAS devices running Photo
❌